diff options
31 files changed, 215 insertions, 156 deletions
diff --git a/lib/puppet.rb b/lib/puppet.rb index f6debc0b1..e0d8a8e6c 100644 --- a/lib/puppet.rb +++ b/lib/puppet.rb @@ -5,6 +5,7 @@ require 'puppet/event-loop' require 'puppet/util' require 'puppet/log' require 'puppet/config' +require 'puppet/suidmanager' #------------------------------------------------------------ # the top-level module @@ -74,7 +75,7 @@ module Puppet # use basedirs that are in the user's home directory. conf = nil var = nil - if self.name == "puppet" and Process.uid != 0 + if self.name == "puppet" and Puppet::SUIDManager.uid != 0 conf = File.expand_path("~/.puppet") var = File.expand_path("~/.puppet/var") else diff --git a/lib/puppet/config.rb b/lib/puppet/config.rb index 81ec4fe85..337a50bbc 100644 --- a/lib/puppet/config.rb +++ b/lib/puppet/config.rb @@ -203,7 +203,7 @@ class Config raise ArgumentError, "Default %s is not a file" % default end - Puppet::Util.asuser(obj.owner, obj.group) do + Puppet::SUIDManager.asuser(obj.owner, obj.group) do mode = obj.mode || 0750 Dir.mkdir(obj.value, mode) end @@ -629,12 +629,12 @@ Generated on #{Time.now}. end chown = nil - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 chown = [obj.owner, obj.group] else chown = [nil, nil] end - Puppet::Util.asuser(*chown) do + Puppet::SUIDManager.asuser(*chown) do mode = obj.mode || 0640 if args.empty? @@ -662,13 +662,13 @@ Generated on #{Time.now}. end chown = nil - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 chown = [obj.owner, obj.group] else chown = [nil, nil] end - Puppet::Util.asuser(*chown) do + Puppet::SUIDManager.asuser(*chown) do mode = obj.mode || 0640 if args.empty? args << "w" @@ -878,7 +878,7 @@ Generated on #{Time.now}. } # Only chown or chgrp when root - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 [:group, :owner].each { |var| if value = self.send(var) obj[var] = value diff --git a/lib/puppet/filetype.rb b/lib/puppet/filetype.rb index 081448f33..d05c1469d 100755 --- a/lib/puppet/filetype.rb +++ b/lib/puppet/filetype.rb @@ -174,7 +174,7 @@ module Puppet # does not think I should be allowed to set the @path to my own user name def cmdbase cmd = nil - if @uid == Process.uid + if @uid == Puppet::SUIDManager.uid return "crontab" else return "crontab -u #{@path}" @@ -187,14 +187,14 @@ module Puppet newfiletype(:suntab) do # Read a specific @path's cron tab. def read - Puppet::Util.asuser(@path) { + Puppet::SUIDManager.asuser(@path) { %x{crontab -l 2>/dev/null} } end # Remove a specific @path's cron tab. def remove - Puppet::Util.asuser(@path) { + Puppet::SUIDManager.asuser(@path) { %x{crontab -r 2>/dev/null} } end @@ -202,7 +202,7 @@ module Puppet # Overwrite a specific @path's cron tab; must be passed the @path name # and the text with which to create the cron tab. def write(text) - Puppet::Util.asuser(@path) { + Puppet::SUIDManager.asuser(@path) { IO.popen("crontab", "w") { |p| p.print text } diff --git a/lib/puppet/sslcertificates/ca.rb b/lib/puppet/sslcertificates/ca.rb index b1c5b34e6..19ea27228 100644 --- a/lib/puppet/sslcertificates/ca.rb +++ b/lib/puppet/sslcertificates/ca.rb @@ -265,7 +265,7 @@ class Puppet::SSLCertificates::CA ) # This creates the cakey file - Puppet::Util.asuser(Puppet[:user], Puppet[:group]) do + Puppet::SUIDManager.asuser(Puppet[:user], Puppet[:group]) do @cert = cert.mkselfsigned end Puppet.config.write(:cacert) do |f| diff --git a/lib/puppet/suidmanager.rb b/lib/puppet/suidmanager.rb new file mode 100644 index 000000000..2f4d428e3 --- /dev/null +++ b/lib/puppet/suidmanager.rb @@ -0,0 +1,74 @@ +require 'facter' +require 'puppet' + +module Puppet + module SUIDManager + platform = Facter["kernel"].value + [:uid=, :uid, :gid=, :gid].each do |method| + define_method(method) do |*args| + if platform == "Darwin" and (Facter['rubyversion'] <=> "1.8.5") < 0 + Puppet.warning "Cannot change real UID on Darwin on Ruby versions earlier than 1.8.5" + method = ("e" + method.to_s).intern unless method.to_s[0] == 'e' + end + + return Process.send(method, *args) + end + module_function method + end + + [:euid=, :euid, :egid=, :egid].each do |method| + define_method(method) do |*args| + Process.send(method, *args) + end + module_function method + end + + def run_and_capture(command, new_uid=self.euid, new_gid=self.egid) + output = nil + + asuser(new_uid, new_gid) do + # capture both stdout and stderr unless we are on ruby < 1.8.4 + # NOTE: this would be much better facilitated with a specialized popen() + # (see the test suite for more details.) + if (Facter['rubyversion'].value <=> "1.8.4") < 0 + unless @@alreadywarned + Puppet.warning "Cannot capture STDERR when running as another user on Ruby < 1.8.4" + @@alreadywarned = true + end + output = %x{#{command}} + else + output = %x{#{command} 2>&1} + end + end + + [output, $?.dup] + end + + module_function :run_and_capture + + def system(command, new_uid=self.euid, new_gid=self.egid) + asuser(new_uid, new_gid) do + Kernel.system(command) + end + end + + module_function :system + + def asuser(new_euid, new_egid) + new_euid = Puppet::Util.uid(new_euid) + new_egid = Puppet::Util.uid(new_egid) + + old_euid, old_egid = [ self.euid, self.egid ] + self.egid = new_egid ? new_egid : old_egid + self.euid = new_euid ? new_euid : old_euid + output = yield + self.egid = old_egid + self.euid = old_euid + + output + end + + module_function :asuser + end +end + diff --git a/lib/puppet/type/exec.rb b/lib/puppet/type/exec.rb index 442eb311f..8b964cbb3 100755 --- a/lib/puppet/type/exec.rb +++ b/lib/puppet/type/exec.rb @@ -186,7 +186,7 @@ module Puppet is because of a bug within Ruby." munge do |user| - unless Process.uid == 0 + unless Puppet::SUIDManager.uid == 0 self.fail "Only root can execute commands as other users" end require 'etc' @@ -537,26 +537,9 @@ module Puppet end withenv env do - # The user and group default to nil, which 'asuser' - # handlers correctly - Puppet::Util.asuser(self[:user], self[:group]) { - # capture both stdout and stderr - if self[:user] - unless defined? @@alreadywarned - Puppet.warning( - "Cannot capture STDERR when running as another user" - ) - @@alreadywarned = true - end - output = %x{#{command}} - else - output = %x{#{command} 2>&1} - end - } - status = $?.dup - + output, status = Puppet::SUIDManager.run_and_capture(command, self[:user], self[:group]) # The shell returns 127 if the command is missing. - if $?.exitstatus == 127 + if status.exitstatus == 127 raise ArgumentError, output end end diff --git a/lib/puppet/type/pfile.rb b/lib/puppet/type/pfile.rb index 7ce384077..5d7a3e881 100644 --- a/lib/puppet/type/pfile.rb +++ b/lib/puppet/type/pfile.rb @@ -226,7 +226,7 @@ module Puppet # Determine the user to write files as. def asuser if self.should(:owner) and ! self.should(:owner).is_a?(Symbol) - writeable = Puppet::Util.asuser(self.should(:owner)) { + writeable = Puppet::SUIDManager.asuser(self.should(:owner)) { FileTest.writable?(File.dirname(self[:path])) } @@ -930,7 +930,7 @@ module Puppet end # As the correct user and group - Puppet::Util.asuser(asuser(), self.should(:group)) do + Puppet::SUIDManager.asuser(asuser(), self.should(:group)) do f = nil # Open our file with the correct modes if mode diff --git a/lib/puppet/type/pfile/ensure.rb b/lib/puppet/type/pfile/ensure.rb index ac045dfd6..2e48e0165 100755 --- a/lib/puppet/type/pfile/ensure.rb +++ b/lib/puppet/type/pfile/ensure.rb @@ -67,7 +67,7 @@ module Puppet "Cannot create %s; parent directory %s does not exist" % [@parent[:path], parent] end - Puppet::Util.asuser(@parent.asuser()) { + Puppet::SUIDManager.asuser(@parent.asuser()) { if mode Puppet::Util.withumask(000) do Dir.mkdir(@parent[:path],mode) diff --git a/lib/puppet/type/pfile/source.rb b/lib/puppet/type/pfile/source.rb index 65aec1dfd..9ee236850 100755 --- a/lib/puppet/type/pfile/source.rb +++ b/lib/puppet/type/pfile/source.rb @@ -71,7 +71,7 @@ module Puppet } # we can't manage ownership as root, so don't even try - unless Process.uid == 0 + unless Puppet::SUIDManager.uid == 0 args.delete(:owner) end diff --git a/lib/puppet/type/pfile/target.rb b/lib/puppet/type/pfile/target.rb index 23fb30390..a2d174c2e 100644 --- a/lib/puppet/type/pfile/target.rb +++ b/lib/puppet/type/pfile/target.rb @@ -45,7 +45,7 @@ module Puppet end end Dir.chdir(File.dirname(@parent[:path])) do - Puppet::Util.asuser(@parent.asuser()) do + Puppet::SUIDManager.asuser(@parent.asuser()) do mode = @parent.should(:mode) if mode Puppet::Util.withumask(000) do diff --git a/lib/puppet/type/pfile/uid.rb b/lib/puppet/type/pfile/uid.rb index 166adac32..72d2a7e03 100755 --- a/lib/puppet/type/pfile/uid.rb +++ b/lib/puppet/type/pfile/uid.rb @@ -117,7 +117,7 @@ module Puppet end def sync - unless Process.uid == 0 + unless Puppet::SUIDManager.uid == 0 unless defined? @@notifieduid self.notice "Cannot manage ownership unless running as root" #@parent.delete(self.name) diff --git a/lib/puppet/util.rb b/lib/puppet/util.rb index c6ad30e3b..049d66b49 100644 --- a/lib/puppet/util.rb +++ b/lib/puppet/util.rb @@ -19,83 +19,6 @@ module Util return @@syncresources[resource] end - # Execute a block as a given user or group - def self.asuser(user = nil, group = nil) - require 'etc' - - uid = nil - gid = nil - olduid = nil - oldgid = nil - - # If they're running as a normal user, then just execute as that same - # user. - unless Process.uid == 0 - retval = yield - return retval - end - - begin - # the groupid, if we got passed a group - # The gid has to be changed first, because, well, otherwise we won't - # be able to - if group - if group.is_a? Integer - gid = group - else - gid = self.gid(group) - end - - if gid - if Process.gid != gid - oldgid = Process.gid - begin - Process.egid = gid - rescue => detail - raise Puppet::Error, "Could not change GID: %s" % detail - end - end - else - Puppet.warning "Could not retrieve GID for %s" % group - end - end - - if user - if user.is_a? Integer - uid = user - else - uid = self.uid(user) - end - uid = self.uid(user) - - if uid - # Now change the uid - if Process.uid != uid - olduid = Process.uid - begin - Process.euid = uid - rescue => detail - raise Puppet::Error, "Could not change UID: %s" % detail - end - end - else - Puppet.warning "Could not retrieve UID for %s" % user - end - end - retval = yield - ensure - if olduid - Process.euid = olduid - end - - if oldgid - Process.egid = oldgid - end - end - - return retval - end - # Change the process to a different user def self.chuser if Facter["operatingsystem"].value == "Darwin" @@ -107,10 +30,10 @@ module Util unless group raise Puppet::Error, "No such group %s" % Puppet[:group] end - unless Process.gid == group + unless Puppet::SUIDManager.gid == group begin - Process.egid = group - Process.gid = group + Puppet::SUIDManager.egid = group + Puppet::SUIDManager.gid = group rescue => detail Puppet.warning "could not change to group %s: %s" % [group.inspect, detail] @@ -128,10 +51,10 @@ module Util unless user raise Puppet::Error, "No such user %s" % Puppet[:user] end - unless Process.uid == user + unless Puppet::SUIDManager.uid == user begin - Process.uid = user - Process.euid = user + Puppet::SUIDManager.uid = user + Puppet::SUIDManager.euid = user rescue $stderr.puts "could not change to user %s" % user exit(74) @@ -221,6 +144,13 @@ module Util # Get the UID of a given user, whether a UID or name is provided def self.uid(user) uid = nil + + # if we don't have any user info, warn and GTFO. + if !user + Puppet.warning "Username provided for lookup is nil" + return nil + end + if user =~ /^\d+$/ user = Integer(user) end diff --git a/test/executables/puppetca.rb b/test/executables/puppetca.rb index a6ea9aae4..d7a6933b4 100755 --- a/test/executables/puppetca.rb +++ b/test/executables/puppetca.rb @@ -68,7 +68,7 @@ class TestPuppetCA < Test::Unit::TestCase uid = Puppet::Util.uid(Puppet[:user]) - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 assert(! FileTest.owned?(signedfile), "cert is owned by root") end assert_nothing_raised { diff --git a/test/language/interpreter.rb b/test/language/interpreter.rb index 37b4e9022..c127ab517 100755 --- a/test/language/interpreter.rb +++ b/test/language/interpreter.rb @@ -212,7 +212,7 @@ class TestInterpreter < Test::Unit::TestCase } end - if Process.uid == 0 and Facter["hostname"].value == "culain" + if Puppet::SUIDManager.uid == 0 and Facter["hostname"].value == "culain" def test_ldapreconnect Puppet[:ldapbase] = "ou=hosts, dc=madstop, dc=com" Puppet[:ldapnodes] = true diff --git a/test/lib/puppettest/exetest.rb b/test/lib/puppettest/exetest.rb index 5f155b47f..94e8ec8c9 100644 --- a/test/lib/puppettest/exetest.rb +++ b/test/lib/puppettest/exetest.rb @@ -47,8 +47,8 @@ module PuppetTest::ExeTest args += " --confdir %s" % Puppet[:confdir] args += " --vardir %s" % Puppet[:vardir] args += " --masterport %s" % @@port - args += " --user %s" % Process.uid - args += " --group %s" % Process.gid + args += " --user %s" % Puppet::SUIDManager.uid + args += " --group %s" % Puppet::SUIDManager.gid args += " --nonodes" args += " --autosign true" diff --git a/test/lib/puppettest/support/helpers.rb b/test/lib/puppettest/support/helpers.rb index 7fae994d9..cbcbcb1f6 100644 --- a/test/lib/puppettest/support/helpers.rb +++ b/test/lib/puppettest/support/helpers.rb @@ -3,7 +3,7 @@ require 'puppettest' module PuppetTest def nonrootuser Etc.passwd { |user| - if user.uid != Process.uid and user.uid > 0 + if user.uid != Puppet::SUIDManager.uid and user.uid > 0 return user end } @@ -11,7 +11,7 @@ module PuppetTest def nonrootgroup Etc.group { |group| - if group.gid != Process.gid and group.gid > 0 + if group.gid != Puppet::SUIDManager.gid and group.gid > 0 return group end } diff --git a/test/other/config.rb b/test/other/config.rb index 3e2c125c7..0afe8979b 100755 --- a/test/other/config.rb +++ b/test/other/config.rb @@ -524,7 +524,7 @@ yay = /a/path user = nonrootuser() group = nonrootgroup() - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 args[:owner] = user.name args[:group] = group.name end @@ -540,7 +540,7 @@ yay = /a/path assert_equal(mode, filemode(path), "Modes are not equal") # OS X is broken in how it chgrps files - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 assert_equal(user.uid, File.stat(path).uid, "UIDS are not equal") case Facter["operatingsystem"].value @@ -562,7 +562,7 @@ yay = /a/path user = nonrootuser() group = nonrootgroup() - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 args[:owner] = user.name args[:group] = group.name end @@ -577,7 +577,7 @@ yay = /a/path # OS X and *BSD is broken in how it chgrps files - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 assert_equal(user.uid, File.stat(path).uid, "UIDS are not equal") case Facter["operatingsystem"].value diff --git a/test/providers/group.rb b/test/providers/group.rb index 63aafc1f7..1948dbdc4 100755 --- a/test/providers/group.rb +++ b/test/providers/group.rb @@ -173,7 +173,7 @@ class TestGroupProvider < Test::Unit::TestCase } end - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 def test_mkgroup gobj = nil comp = nil diff --git a/test/providers/package.rb b/test/providers/package.rb index 1c3621909..64c443c00 100644 --- a/test/providers/package.rb +++ b/test/providers/package.rb @@ -18,7 +18,7 @@ class TestPackageProvider < Test::Unit::TestCase def test_nothing end - if Facter["operatingsystem"].value == "Solaris" and Process.uid == 0 + if Facter["operatingsystem"].value == "Solaris" and Puppet::SUIDManager.uid == 0 if Puppet.type(:package).provider(:blastwave).suitable? # FIXME The packaging crap needs to be rewritten to support testing # multiple package types on the same platform. diff --git a/test/providers/user.rb b/test/providers/user.rb index 15fc202f5..1244f6acd 100644 --- a/test/providers/user.rb +++ b/test/providers/user.rb @@ -399,7 +399,7 @@ class TestUserProvider < Test::Unit::TestCase assert_equal(main.sort, list.sort, "Group list is not equal") end - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 def test_simpleuser name = "pptest" diff --git a/test/puppet/defaults.rb b/test/puppet/defaults.rb index 46accc9c6..250fd29c0 100755 --- a/test/puppet/defaults.rb +++ b/test/puppet/defaults.rb @@ -63,7 +63,7 @@ class TestPuppetDefaults < Test::Unit::TestCase # we don't want user defaults in /, or root defaults in ~ def testDefaultsInCorrectRoots notval = nil - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 notval = Regexp.new(File.expand_path("~")) else notval = /^\/var|^\/etc/ diff --git a/test/puppet/suidmanager.rb b/test/puppet/suidmanager.rb new file mode 100644 index 000000000..f5cb8496e --- /dev/null +++ b/test/puppet/suidmanager.rb @@ -0,0 +1,71 @@ +require 'test/unit' +require 'puppettest' + +class TestProcess < Test::Unit::TestCase + def setup + if Process.uid != 0 + $stderr.puts "Process tests must be run as root" + @run = false + else + @run = true + end + end + + def test_id_set + if @run + # FIXME: use the test framework uid finder + assert_nothing_raised do + Puppet::SUIDManager.egid = 501 + Puppet::SUIDManager.euid = 501 + end + + assert_equal(Puppet::SUIDManager.euid, Process.euid) + assert_equal(Puppet::SUIDManager.egid, Process.egid) + + assert_nothing_raised do + Puppet::SUIDManager.euid = 0 + Puppet::SUIDManager.egid = 0 + end + + assert_uid_gid(501, 501) + end + end + + def test_asuser + if @run + uid, gid = [nil, nil] + + assert_nothing_raised do + Puppet::SUIDManager.asuser(501, 501) do + uid = Puppet::SUIDManager.euid + gid = Puppet::SUIDManager.egid + end + end + + assert_equal(501, uid) + assert_equal(501, gid) + end + end + + def test_system + # NOTE: not sure what shells this will work on.. + # FIXME: use the test framework uid finder, however the uid needs to be < 255 + if @run + Puppet::SUIDManager.system("exit $EUID", 10, 10) + assert_equal($?.exitstatus, 10) + end + end + + def test_run_and_capture + if (RUBY_VERSION <=> "1.8.4") < 0 + warn "Cannot run this test on ruby < 1.8.4" + else + # NOTE: because of the way that run_and_capture currently + # works, we cannot just blindly echo to stderr. This little + # hack gets around our problem, but the real problem is the + # way that run_and_capture works. + output = Puppet::SUIDManager.run_and_capture("ruby -e '$stderr.puts \"foo\"'")[0].chomp + assert_equal(output, 'foo') + end + end +end diff --git a/test/types/cron.rb b/test/types/cron.rb index b802a1c77..2794ec358 100755 --- a/test/types/cron.rb +++ b/test/types/cron.rb @@ -360,7 +360,7 @@ class TestCron < Test::Unit::TestCase obj = nil assert_nothing_raised { - obj = type.new(Process.uid) + obj = type.new(Puppet::SUIDManager.uid) } txt = nil diff --git a/test/types/exec.rb b/test/types/exec.rb index 615dd86cd..c5decb80a 100755 --- a/test/types/exec.rb +++ b/test/types/exec.rb @@ -305,7 +305,7 @@ class TestExec < Test::Unit::TestCase assert_events([:executed_command], comp) end - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 # Verify that we can execute commands as a special user def mknverify(file, user, group = nil, id = true) args = { diff --git a/test/types/file.rb b/test/types/file.rb index d2c593c8b..71a04a40d 100644 --- a/test/types/file.rb +++ b/test/types/file.rb @@ -103,7 +103,7 @@ class TestFile < Test::Unit::TestCase } end - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 def test_createasuser dir = tmpdir() diff --git a/test/types/mount.rb b/test/types/mount.rb index e0838e072..78a5443b2 100755 --- a/test/types/mount.rb +++ b/test/types/mount.rb @@ -156,7 +156,7 @@ class TestMounts < Test::Unit::TestCase assert_events([:mount_changed], fs) end - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 def test_mountfs fs = nil case Facter["hostname"].value diff --git a/test/types/package.rb b/test/types/package.rb index 38bb3b08d..e290d12ad 100644 --- a/test/types/package.rb +++ b/test/types/package.rb @@ -191,7 +191,7 @@ class TestPackages < Test::Unit::TestCase end end - unless Process.uid == 0 + unless Puppet::SUIDManager.uid == 0 $stderr.puts "Run as root to perform package installation tests" else def test_installpkg diff --git a/test/types/service.rb b/test/types/service.rb index f9d6251ad..79ec0c40c 100644 --- a/test/types/service.rb +++ b/test/types/service.rb @@ -227,7 +227,7 @@ class TestLocalService < Test::Unit::TestCase } end - unless Process.uid == 0 + unless Puppet::SUIDManager.uid == 0 puts "run as root to test service start/stop" else def test_servicestartstop diff --git a/test/types/user.rb b/test/types/user.rb index 703004f57..9a2781308 100755 --- a/test/types/user.rb +++ b/test/types/user.rb @@ -64,7 +64,7 @@ class TestUser < Test::Unit::TestCase user = Puppet.type(:user).create( :name => name, :comment => "Puppet Testing User", - :gid => Process.gid, + :gid => Puppet::SUIDManager.gid, :shell => findshell(), :home => "/home/%s" % name ) diff --git a/test/types/zone.rb b/test/types/zone.rb index 46f411ef3..b0d02d748 100755 --- a/test/types/zone.rb +++ b/test/types/zone.rb @@ -186,7 +186,7 @@ end" "Got incorrect config text") end - if Process.uid == 0 + if Puppet::SUIDManager.uid == 0 # Make sure our ensure process actually works. def test_ensure_sync zone = mkzone("ensuretesting") diff --git a/test/util/utiltest.rb b/test/util/utiltest.rb index b3a356429..f18f16906 100755 --- a/test/util/utiltest.rb +++ b/test/util/utiltest.rb @@ -73,7 +73,7 @@ class TestPuppetUtil < Test::Unit::TestCase # know them def test_gidbyunknownid gid = nil - group = Process.gid + group = Puppet::SUIDManager.gid assert_nothing_raised { gid = Puppet::Util.gid(group) } @@ -85,7 +85,7 @@ class TestPuppetUtil < Test::Unit::TestCase def user require 'etc' unless defined? @user - obj = Etc.getpwuid(Process.uid) + obj = Etc.getpwuid(Puppet::SUIDManager.uid) @user = obj.name end return @user @@ -101,7 +101,7 @@ class TestPuppetUtil < Test::Unit::TestCase } assert(uid, "Could not retrieve uid for %s" % user) - assert_equal(Process.uid, uid, "UIDs did not match") + assert_equal(Puppet::SUIDManager.uid, uid, "UIDs did not match") assert(Puppet.type(:user)[user], "Util did not create %s" % user) end @@ -127,7 +127,7 @@ class TestPuppetUtil < Test::Unit::TestCase # know them def test_uidbyunknownid uid = nil - user = Process.uid + user = Puppet::SUIDManager.uid assert_nothing_raised { uid = Puppet::Util.uid(user) } @@ -179,7 +179,7 @@ class TestPuppetUtil < Test::Unit::TestCase end end - unless Process.uid == 0 + unless Puppet::SUIDManager.uid == 0 $stderr.puts "Run as root to perform Utility tests" def test_nothing end @@ -213,23 +213,23 @@ class TestPuppetUtil < Test::Unit::TestCase if group gid = group.gid else - gid = Process.gid + gid = Puppet::SUIDManager.gid end uid = nil if user uid = user.uid else - uid = Process.uid + uid = Puppet::SUIDManager.uid end assert_nothing_raised { - Puppet::Util.asuser(*args) { - assert_equal(Process.euid, uid, "UID is %s instead of %s" % - [Process.euid, uid] + Puppet::SUIDManager.asuser(*args) { + assert_equal(Puppet::SUIDManager.euid, uid, "UID is %s instead of %s" % + [Puppet::SUIDManager.euid, uid] ) - assert_equal(Process.egid, gid, "GID is %s instead of %s" % - [Process.egid, gid] + assert_equal(Puppet::SUIDManager.egid, gid, "GID is %s instead of %s" % + [Puppet::SUIDManager.egid, gid] ) system("touch %s" % file) } @@ -284,7 +284,7 @@ class TestPuppetUtil < Test::Unit::TestCase rescue end - assert(Process.euid == 0, "UID did not get reset") + assert(Puppet::SUIDManager.euid == 0, "UID did not get reset") end end |